US-11275827

Multi-tenant actor systems with web assembly

Published: March 15, 2022
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have

Technical Abstract

Some embodiments may be associated with a cloud-based actor framework. A dispatcher platform may determine that a first tenant actor is to be created for a first tenant in connection with a workload associated with a plurality of tenant identifiers. The first tenant may be, for example, associated with a first tenant identifier. The dispatch platform may then select a first thread for the first tenant actor from a pool of available threads and spin a first web assembly module such that execution of the first web assembly module is associated with a first web assembly browser sandbox. The dispatcher platform can then securely create the first tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier. Similarly, a second web assembly browser sandbox may execute a second tenant actor for a second tenant identifier.

Patent Claims
20 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A system associated with a cloud-based actor framework, comprising: a dispatcher platform, including: a computer processor, and a memory storage device including instructions that when executed by the computer processor enable the system to: (i) determine that a first tenant actor is to be created for a first tenant in connection with a workload associated with a plurality of tenant identifiers, wherein the first tenant is associated with a first tenant identifier, (ii) select a first thread for the first tenant actor from a pool of available threads, (iii) spin a first web assembly module such that execution of the first web assembly module is associated with a first web assembly browser sandbox, and (iv) creating the first tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to a cloud-based actor framework system designed to manage workloads across multiple tenants in a secure and isolated manner. The system addresses the challenge of efficiently executing tenant-specific workflows while maintaining isolation between different tenants to prevent data leakage or interference. The system includes a dispatcher platform with a computer processor and memory storage. The platform determines when a new tenant actor must be created for a specific tenant associated with a workload involving multiple tenant identifiers. Upon identifying the need for a new actor, the system selects an available thread from a pool to handle the tenant's workload. The system then spins a web assembly (WASM) module, ensuring its execution is confined to a dedicated WASM browser sandbox. This sandboxing technique provides isolation, preventing cross-tenant interference. Finally, the system creates the tenant actor within the sandbox, where it executes the workflow for the specified tenant identifier. The use of WASM modules and browser sandboxes ensures secure, isolated execution environments for each tenant, while the thread pool management optimizes resource utilization. This approach is particularly useful in multi-tenant cloud environments where workload isolation and efficient resource management are critical.

Claim 2

Original Legal Text

2. The system of claim 1, wherein the dispatcher platform is further to: determine that a second tenant actor is to be created for a second tenant in connection with the workload, wherein the second tenant is associated with a second tenant identifier, select a second thread for the second tenant actor from the pool of available threads, spin a second web assembly module such that execution of the second web assembly is associated with a second web assembly browser sandbox, and create the second tenant actor within the second web assembly browser sandbox to execute the workflow for the second tenant identifier.

Plain English Translation

This invention relates to a multi-tenant system for executing workloads in isolated environments. The system addresses the challenge of securely managing multiple tenants within a shared computing environment while ensuring isolation and resource efficiency. The system includes a dispatcher platform that dynamically creates tenant actors for different tenants, each associated with a unique tenant identifier. When a workload is initiated, the dispatcher determines if a new tenant actor is required for a second tenant. If so, it selects an available thread from a pool, spins a new web assembly module, and associates its execution with a dedicated web assembly browser sandbox. The new tenant actor is then created within this sandbox to execute the workload for the specified tenant identifier. This approach ensures that each tenant's workload runs in an isolated environment, preventing interference between tenants while optimizing resource usage by reusing threads from a shared pool. The system leverages web assembly for lightweight, secure execution and browser sandboxes for additional isolation, enabling efficient multi-tenancy in cloud or distributed computing environments.

Claim 3

Original Legal Text

3. The system of claim 2, wherein the dispatcher platform is further to: determine that an additional tenant actor is to be created for the first tenant in connection with the workload, select an additional thread for the additional tenant actor from a pool of available threads, and create the additional tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to a system for managing multi-tenant workloads in a web assembly browser sandbox environment. The problem addressed is the efficient execution of tenant-specific workflows while maintaining isolation and resource management in a shared computing environment. The system includes a dispatcher platform that manages tenant actors, which are lightweight execution units for processing workloads. The dispatcher platform assigns tenant actors to specific tenants and ensures they execute within isolated web assembly browser sandboxes. Each tenant actor is associated with a unique tenant identifier and runs on a dedicated thread from a pool of available threads. The system dynamically creates additional tenant actors for a given tenant when needed. The dispatcher platform determines when an additional tenant actor is required for a tenant's workload, selects an available thread from the pool, and creates the new tenant actor within the tenant's web assembly sandbox. This allows the system to scale workload execution dynamically while maintaining isolation between tenants. The use of a thread pool ensures efficient resource utilization and prevents thread creation overhead. The web assembly sandbox provides security and isolation, ensuring that tenant-specific workflows do not interfere with each other. This approach is particularly useful in cloud-based or multi-tenant applications where workloads must be executed securely and efficiently.

Claim 4

Original Legal Text

4. The system of claim 2, wherein the first web assembly browser sandbox is associated with a first memory heap that is not accessible from the second web assembly browser sandbox.

Plain English Translation

This invention relates to a system for securely executing web applications using isolated browser sandboxes. The problem addressed is the need to prevent unauthorized data access between different web applications running in a browser environment. The system includes multiple web assembly browser sandboxes, each running isolated instances of web applications. Each sandbox is associated with a dedicated memory heap that is inaccessible to other sandboxes, ensuring strict memory isolation. This prevents one web application from accessing or modifying the memory of another, enhancing security and preventing malicious interference. The system may also include a communication interface that allows controlled data exchange between sandboxes while maintaining isolation. The invention improves upon existing browser security models by providing stronger isolation boundaries at the memory level, reducing the risk of cross-application attacks. The solution is particularly useful for running untrusted or third-party web applications in a secure manner.

Claim 5

Original Legal Text

5. The system of claim 2, wherein a system call from the first web assembly browser sandbox is mediated and controlled.

Plain English Translation

A system for secure execution of web applications involves a web assembly browser sandbox that isolates untrusted code from the host operating system. The system includes a mediation layer that intercepts and controls system calls made by the sandboxed code, preventing unauthorized access to system resources. This mediation layer enforces security policies, such as restricting file access, network operations, or hardware interactions, while allowing necessary functionality for the application to function. The system ensures that even if the web assembly code is compromised, it cannot escape the sandbox or perform malicious actions outside its permitted scope. The mediation layer may include policy enforcement mechanisms, logging capabilities, and real-time monitoring to detect and block suspicious activities. This approach enhances security by maintaining strict isolation between the untrusted web assembly environment and the host system, mitigating risks associated with executing potentially harmful code. The system is particularly useful for web browsers, cloud-based applications, and other environments where untrusted code must be executed safely.

Claim 6

Original Legal Text

6. The system of claim 2, wherein control flow integrity for the first web assembly browser sandbox is maintained by separating an execution stack from web assembly module memory.

Plain English Translation

A system for enhancing security in web assembly (WASM) browser environments addresses vulnerabilities in sandboxed execution. The system isolates the execution stack of a WASM module from its memory space to prevent control flow hijacking attacks, such as stack-based buffer overflows. By maintaining strict separation between the stack and memory, the system ensures that unauthorized modifications to the stack cannot redirect program execution. This approach mitigates risks where malicious code could exploit memory corruption to alter return addresses or control flow, thereby improving the integrity of the WASM sandbox. The system operates within a browser environment where WASM modules are executed in a restricted sandbox to enhance security while maintaining performance. The separation mechanism involves distinct memory regions for stack operations and module data, enforced by hardware or software-based memory protection. This design prevents common exploitation techniques that rely on stack manipulation, such as return-oriented programming (ROP) or jump-oriented programming (JOP). The system is particularly useful in web applications that rely on WASM for performance-critical tasks, ensuring secure execution without compromising functionality. By enforcing strict boundaries between execution contexts, the system provides a robust defense against control flow integrity violations in sandboxed environments.

Claim 7

Original Legal Text

7. The system of claim 2, wherein access to a function for the first web assembly browser sandbox is limited via an index into a function table.

Plain English Translation

A system for managing web assembly (WASM) execution in a browser environment addresses the challenge of securely isolating and controlling access to functions within a WASM sandbox. The system includes a first WASM browser sandbox configured to execute WASM code and a second WASM browser sandbox configured to execute additional WASM code. The system further includes a function table that stores references to functions available for execution within the first WASM sandbox. Access to these functions is restricted by using an index into the function table, ensuring that only authorized functions can be invoked. This indexing mechanism provides a controlled and secure way to manage function access, preventing unauthorized execution of sensitive operations. The system may also include a memory management module to allocate and deallocate memory for the WASM sandboxes, ensuring efficient resource utilization. Additionally, a communication module facilitates secure data exchange between the first and second WASM sandboxes, enabling coordinated execution of WASM code while maintaining isolation. The overall system enhances security and performance in browser-based WASM environments by enforcing strict access controls and efficient resource management.
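
The isolation properties that claims 4, 5 and 7 rely on (a private memory heap per sandbox, mediated system calls, and function access only through a table index) can be observed directly with the standard WebAssembly JavaScript API. The following is an added example, not code from the patent or from this page; the module bytes, the `host.syscall` import, `spawnTenantSandbox`, the tenant names and the allow-lists are constructed for illustration, and one WebAssembly instance per tenant is an assumed mapping of the claims.

```javascript
// Hand-assembled WebAssembly module (constructed for this example).
// It imports host.syscall, owns one memory page and a 2-slot function table,
// and exports store, load, sys and dispatch.
const WASM_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // "\0asm", version 1
  // type section: t0 (i32)->i32, t1 (i32,i32)->(), t2 ()->i32
  0x01, 0x0f, 0x03, 0x60, 0x01, 0x7f, 0x01, 0x7f,
  0x60, 0x02, 0x7f, 0x7f, 0x00, 0x60, 0x00, 0x01, 0x7f,
  // import section: host.syscall : t0 (function index 0)
  0x02, 0x10, 0x01, 0x04, 0x68, 0x6f, 0x73, 0x74,
  0x07, 0x73, 0x79, 0x73, 0x63, 0x61, 0x6c, 0x6c, 0x00, 0x00,
  // function section: store:t1 load:t0 sys:t0 dispatch:t0 f_a:t2 f_b:t2
  0x03, 0x07, 0x06, 0x01, 0x00, 0x00, 0x00, 0x02, 0x02,
  // table section: 2 funcref slots (not exported, so the host cannot edit it)
  0x04, 0x04, 0x01, 0x70, 0x00, 0x02,
  // memory section: one 64 KiB page, private to each instance
  0x05, 0x03, 0x01, 0x00, 0x01,
  // export section: store=1 load=2 sys=3 dispatch=4
  0x07, 0x21, 0x04,
  0x05, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x00, 0x01,
  0x04, 0x6c, 0x6f, 0x61, 0x64, 0x00, 0x02,
  0x03, 0x73, 0x79, 0x73, 0x00, 0x03,
  0x08, 0x64, 0x69, 0x73, 0x70, 0x61, 0x74, 0x63, 0x68, 0x00, 0x04,
  // element section: table[0]=f_a (func 5), table[1]=f_b (func 6)
  0x09, 0x08, 0x01, 0x00, 0x41, 0x00, 0x0b, 0x02, 0x05, 0x06,
  // code section: six function bodies
  0x0a, 0x2c, 0x06,
  0x09, 0x00, 0x20, 0x00, 0x20, 0x01, 0x36, 0x02, 0x00, 0x0b, // store: i32.store
  0x07, 0x00, 0x20, 0x00, 0x28, 0x02, 0x00, 0x0b,             // load: i32.load
  0x06, 0x00, 0x20, 0x00, 0x10, 0x00, 0x0b,                   // sys: call host.syscall
  0x07, 0x00, 0x20, 0x00, 0x11, 0x02, 0x00, 0x0b,             // dispatch: call_indirect t2
  0x04, 0x00, 0x41, 0x0b, 0x0b,                               // f_a: returns 11
  0x04, 0x00, 0x41, 0x16, 0x0b,                               // f_b: returns 22
]);

// Compiled once; every tenant gets its own instance of the same code.
const MODULE = new WebAssembly.Module(WASM_BYTES);

// Hypothetical dispatcher helper: one instance (sandbox) per tenant, with a
// per-tenant allow-list of "system call" numbers enforced by the host.
function spawnTenantSandbox(tenantId, allowedSyscalls) {
  const audit = [];
  const imports = {
    host: {
      // The only way out of the sandbox; each call is checked and logged.
      syscall(nr) {
        const allowed = allowedSyscalls.has(nr);
        audit.push({ tenantId, nr, allowed });
        return allowed ? 0 : -1;
      },
    },
  };
  const instance = new WebAssembly.Instance(MODULE, imports);
  return { tenantId, audit, ...instance.exports };
}

// Runs a trap-expected call and reports whether the engine raised a trap.
function traps(fn) {
  try {
    fn();
    return false;
  } catch (err) {
    return err instanceof WebAssembly.RuntimeError;
  }
}

function runDemo() {
  const a = spawnTenantSandbox("tenant-a", new Set([1, 2]));
  const b = spawnTenantSandbox("tenant-b", new Set([1]));

  // Claim 4: the same address in two sandboxes refers to two different heaps.
  a.store(0, 0x5ec2e7);
  const aReadsOwn = a.load(0);
  const bReadsSameAddress = b.load(0);
  // An address past the instance's single page traps instead of reaching
  // another tenant's memory or the host's.
  const outOfBoundsTraps = traps(() => a.load(65536));

  // Claim 5: the same request is granted or refused per tenant policy.
  const aSyscall2 = a.sys(2);
  const bSyscall2 = b.sys(2);

  // Claim 7: code is reachable only by table index; a bad index traps.
  const validIndirect = a.dispatch(1);
  const badIndexTraps = traps(() => a.dispatch(7));

  return {
    aReadsOwn, bReadsSameAddress, outOfBoundsTraps,
    aSyscall2, bSyscall2, validIndirect, badIndexTraps,
    bAudit: b.audit,
  };
}
```

The example runs under Node.js without dependencies. The bounds and table checks come from the WebAssembly engine itself; the host-side policy in `syscall` is the only part a dispatcher would have to write.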

Claim 8

Original Legal Text

8. A computer-implemented method associated with a cloud-based actor framework, comprising: determining that a first tenant actor is to be created for a first tenant in connection with a workload associated with a plurality of tenant identifiers, wherein the first tenant is associated with a first tenant identifier; selecting a first thread for the first tenant actor from a pool of available threads; spinning, by a dispatcher platform, a first web assembly module such that execution of the first web assembly module is associated with a first web assembly browser sandbox; and creating the first tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to a cloud-based actor framework for managing workloads across multiple tenants. The problem addressed is the efficient and secure execution of tenant-specific workflows in a shared cloud environment while maintaining isolation between different tenants. The method involves creating a tenant-specific actor for a first tenant associated with a workload involving multiple tenant identifiers. A thread is selected from a pool of available threads to handle the tenant actor. A dispatcher platform then spins a web assembly (Wasm) module, ensuring its execution is confined to a dedicated Wasm browser sandbox. The tenant actor is created within this sandbox to execute the workflow for the specific tenant identifier. This approach ensures that each tenant's workload runs in an isolated environment, enhancing security and preventing interference between different tenants' operations. The use of Wasm modules and browser sandboxes provides lightweight, secure execution contexts for tenant-specific tasks. The system dynamically allocates threads and sandboxes as needed, optimizing resource usage while maintaining tenant isolation.

Claim 9

Original Legal Text

9. The method of claim 8, further comprising: determining that a second tenant actor is to be created for a second tenant in connection with the workload, wherein the second tenant is associated with a second tenant identifier; selecting a second thread for the second tenant actor from the pool of available threads; spinning, by the dispatcher platform, a second web assembly module such that execution of the second web assembly is associated with a second web assembly browser sandbox; and creating the second tenant actor within the second web assembly browser sandbox to execute the workflow for the second tenant identifier.

Plain English Translation

This invention relates to a system for managing multi-tenant workloads in a computing environment, specifically addressing the challenge of securely isolating tenant-specific execution contexts while efficiently utilizing system resources. The system employs a dispatcher platform that dynamically allocates threads and web assembly (WASM) modules to create isolated execution environments, known as tenant actors, for different tenants. Each tenant actor is associated with a unique tenant identifier and operates within a dedicated WASM browser sandbox, ensuring secure isolation between tenants. The dispatcher platform maintains a pool of available threads, selecting and assigning them to tenant actors as needed. When a new tenant requires processing, the system determines the need for a new tenant actor, selects an available thread, spins a new WASM module, and creates the tenant actor within the isolated sandbox. This approach allows multiple tenants to execute workflows concurrently while maintaining strict isolation, improving security and resource efficiency. The system dynamically manages thread allocation and sandbox creation to handle varying workloads without compromising performance or security.

Claim 10

Original Legal Text

10. The method of claim 9, further comprising: determining that an additional tenant actor is to be created for the first tenant in connection with the workload; selecting an additional thread for the additional tenant actor from the pool of available threads; and creating the additional tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to multi-tenancy systems in web assembly (WASM) browser environments, specifically addressing the challenge of efficiently managing tenant-specific workloads within isolated sandboxes. The system dynamically allocates and manages tenant actors—lightweight execution units—to process workloads for multiple tenants while maintaining isolation and resource efficiency. Each tenant actor is assigned a unique tenant identifier and operates within a dedicated WASM sandbox to ensure security and performance. The method involves monitoring workloads for a tenant, determining when additional tenant actors are needed, selecting available threads from a shared pool, and creating new tenant actors to handle the workload. This approach optimizes resource utilization by reusing threads and dynamically scaling tenant actors based on demand. The system ensures that tenant-specific operations remain isolated, preventing interference between different tenants while efficiently distributing computational resources. This solution is particularly useful in cloud-based or multi-tenant applications where workload isolation and dynamic scaling are critical.

Claim 11

Original Legal Text

11. The method of claim 9, wherein the first web assembly browser sandbox is associated with a first memory heap that is not accessible from the second web assembly browser sandbox.

Plain English Translation

WebAssembly (WASM) is a low-level binary instruction format designed for secure execution in web browsers. A challenge in WASM environments is ensuring secure isolation between different browser sandboxes to prevent unauthorized data access or code execution. This invention addresses this problem by implementing a method for isolating memory heaps in a browser environment running multiple WebAssembly modules. The method involves executing a first WebAssembly module in a first browser sandbox and a second WebAssembly module in a second browser sandbox. The first sandbox is associated with a first memory heap that is inaccessible from the second sandbox, and vice versa. This isolation prevents the second sandbox from accessing or modifying the memory heap of the first sandbox, enhancing security. The method may also include dynamically allocating memory for the first sandbox while ensuring the second sandbox cannot access it. Additionally, the method may involve enforcing memory access restrictions through hardware-based memory protection mechanisms, such as memory segmentation or virtual memory management, to further secure the isolation. This approach ensures that even if one sandbox is compromised, the other remains secure, mitigating potential attacks.

Claim 12

Original Legal Text

12. The method of claim 9, wherein a system call from the first web assembly browser sandbox is mediated and controlled.

Plain English Translation

A system for secure execution of web assembly code in a browser environment addresses the challenge of isolating untrusted code while maintaining performance. The system creates multiple web assembly browser sandboxes, each with its own isolated execution environment. These sandboxes restrict access to system resources, preventing malicious or unintended interactions between different web assembly modules. A mediation layer controls and monitors system calls from these sandboxes, ensuring that only authorized operations are permitted. This layer enforces security policies, validates requests, and logs activities to detect and prevent unauthorized access. The mediation layer can also transform or redirect system calls to alternative services, enhancing security and flexibility. By controlling system calls, the system prevents unauthorized access to sensitive resources, such as memory, files, or network interfaces, while allowing legitimate operations to proceed. The approach ensures that web assembly code runs in a secure, isolated environment without compromising system integrity or performance. This method is particularly useful for executing untrusted code, such as third-party scripts or plugins, in a web browser without exposing the underlying system to risks.

Claim 13

Original Legal Text

13. The method of claim 9, wherein control flow integrity for the first web assembly browser sandbox is maintained by separating an execution stack from web assembly module memory.

Plain English Translation

This invention relates to web assembly (WASM) browser sandboxing, specifically addressing security vulnerabilities in executing untrusted code within a browser environment. The problem solved is maintaining control flow integrity in WASM modules to prevent exploits like stack-based attacks, which can compromise browser security. The method involves a browser sandbox that isolates WASM module execution. A key security measure is the separation of the execution stack from the WASM module's memory space. This separation prevents unauthorized access or manipulation of the stack, which is critical for maintaining control flow integrity. The execution stack is used to manage function calls and returns, while the WASM module memory stores data and code. By keeping these distinct, the system prevents attackers from corrupting the stack to redirect execution or execute arbitrary code. The sandbox also includes mechanisms to validate and enforce memory access rules, ensuring that WASM modules cannot access memory outside their allocated space. This further enhances security by preventing memory corruption attacks. The method may also involve runtime monitoring to detect and block suspicious behavior, such as unexpected stack manipulations or unauthorized memory accesses. This approach improves security in browser environments where untrusted WASM modules are executed, reducing the risk of exploits that could compromise user data or system integrity. The separation of stack and memory is a core feature that mitigates common attack vectors in WASM execution.

Claim 14

Original Legal Text

14. The method of claim 9, wherein access to a function for the first web assembly browser sandbox is limited via an index into a function table.

Plain English Translation

A method for controlling access to functions in a web assembly browser sandbox environment addresses the challenge of securely managing function execution within isolated runtime environments. The method involves restricting access to specific functions by using an index into a function table, which acts as a lookup mechanism to determine permissible operations. This approach enhances security by preventing unauthorized access to sensitive functions, ensuring that only approved operations can be executed within the sandbox. The function table serves as a centralized registry, mapping indices to corresponding functions, and access is granted only when the requested index corresponds to an allowed function. This technique is particularly useful in web assembly environments where multiple sandboxes may coexist, each requiring distinct access controls. By leveraging indexed access, the method provides a scalable and efficient way to enforce security policies, reducing the risk of malicious or unintended function execution. The solution is applicable in scenarios where secure isolation of code execution is critical, such as in web browsers, cloud computing, or other multi-tenant systems. The method ensures that only authorized functions are accessible, improving overall system security and reliability.

Claim 15

Original Legal Text

15. A non-transitory, computer readable medium having executable instructions stored therein, the medium comprising: instruction to determine that a first tenant actor is to be created for a first tenant in connection with a workload associated with a plurality of tenant identifiers, wherein the first tenant is associated with a first tenant identifier; instruction to select a first thread for the first tenant actor from a pool of available threads; instruction to spin, by a dispatcher platform, a first web assembly module such that execution of the first web assembly module is associated with a first web assembly browser sandbox; and instruction to create the first tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to a system for managing multi-tenant workloads in a secure, isolated execution environment using web assembly (WASM) modules. The problem addressed is the need to efficiently and securely execute workloads for multiple tenants in a shared computing environment while maintaining isolation between tenants to prevent data leakage or interference. The system involves a non-transitory computer-readable medium storing executable instructions for creating and managing tenant actors. A tenant actor is a logical entity that executes a workload associated with a specific tenant identifier. When a workload is initiated, the system determines that a first tenant actor must be created for a first tenant, which is identified by a first tenant identifier. The system then selects an available thread from a pool of threads to handle this tenant actor. A dispatcher platform spins a first web assembly module, which is executed within a dedicated web assembly browser sandbox. This sandbox provides an isolated execution environment to ensure that the workload runs securely without interfering with other tenants. The first tenant actor is then created within this sandbox to execute the workflow for the first tenant identifier. The use of WASM modules and browser-like sandboxes ensures lightweight, secure, and efficient execution of tenant-specific workloads in a multi-tenant environment.

Claim 16

Original Legal Text

16. The medium of claim 15, further comprising: instruction to determine that a second tenant actor is to be created for a second tenant in connection with the workload, wherein the second tenant is associated with a second tenant identifier; instruction to select a second thread for the second tenant actor from the pool of available threads; instruction to spin, by the dispatcher platform, a second web assembly module such that execution of the second web assembly is associated with a second web assembly browser sandbox; and instruction to create the second tenant actor within the second web assembly browser sandbox to execute the workflow for the second tenant identifier.

Plain English Translation

This invention relates to a system for managing multi-tenant workloads in a computing environment, specifically addressing the challenge of securely isolating tenant-specific execution contexts while efficiently utilizing system resources. The system involves a dispatcher platform that dynamically allocates and manages tenant actors, which are isolated execution units for processing tenant-specific workloads. Each tenant actor is associated with a unique tenant identifier and operates within a dedicated web assembly (WASM) browser sandbox, ensuring secure isolation between tenants. The system maintains a pool of available threads, from which threads are selected for each tenant actor to execute workloads. When a new tenant requires processing, the dispatcher platform creates a new tenant actor by spinning a new WASM module within a separate sandbox, associating it with the tenant's identifier, and assigning it a thread from the pool. This approach allows multiple tenants to share the same system resources while maintaining strict isolation, improving both security and resource utilization. The system dynamically scales by creating additional tenant actors as needed, each with its own isolated execution environment, ensuring that workloads for different tenants do not interfere with one another.

Claim 17

Original Legal Text

17. The medium of claim 16, further comprising: instruction to determine that an additional tenant actor is to be created for the first tenant in connection with the workload; instruction to select an additional thread for the additional tenant actor from a pool of available threads; and instruction to create the additional tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier.

Plain English Translation

This invention relates to a system for managing multi-tenant workloads in a web assembly browser sandbox environment. The problem addressed is efficiently isolating and executing tenant-specific workflows while optimizing resource usage, particularly thread allocation, within a shared computing environment. The system involves a web assembly browser sandbox that hosts multiple tenant actors, each executing workflows for different tenants. When a workload is initiated for a first tenant, the system determines whether an additional tenant actor is needed for that tenant. If required, the system selects an additional thread from a pool of available threads and creates the new tenant actor within the sandbox. This actor then executes the workflow associated with the first tenant's identifier. The system ensures that each tenant's workflow runs in an isolated, secure environment while dynamically managing thread resources to maintain performance and scalability. The invention also includes mechanisms for managing thread pools, ensuring that threads are efficiently allocated and reused across multiple tenant actors. This approach reduces overhead and improves resource utilization in multi-tenant environments. The system is designed to handle dynamic workloads, allowing for seamless scaling as tenant demands fluctuate. The use of web assembly sandboxes provides additional security and isolation, preventing cross-tenant interference while maintaining efficient execution.

Claim 18

Original Legal Text

18. The medium of claim 16, wherein the first web assembly browser sandbox is associated with a first memory heap that is not accessible from the second web assembly browser sandbox.

Plain English Translation

WebAssembly (WASM) is a low-level binary instruction format designed for efficient execution in web browsers, enabling high-performance applications. A challenge in WASM environments is ensuring secure isolation between different applications or components running in the same browser, as memory access violations can lead to security vulnerabilities or unintended data leaks. This invention addresses this challenge by implementing a system that includes multiple WebAssembly browser sandboxes, each with its own isolated memory heap. Specifically, the system provides a first WebAssembly browser sandbox associated with a first memory heap that is inaccessible from a second WebAssembly browser sandbox. This isolation prevents unauthorized memory access between the sandboxes, enhancing security and preventing data leaks or interference between different WASM modules. The system may also include a second memory heap associated with the second sandbox, ensuring that each sandbox operates in a fully isolated memory environment. Additionally, the system may include a memory management module that enforces these isolation rules, dynamically allocating and managing memory heaps for each sandbox to maintain strict separation. This approach ensures that even if one sandbox is compromised, the integrity of the other remains intact, providing a robust security mechanism for WASM-based applications.

Claim 19

Original Legal Text

19. The medium of claim 16, wherein a system call from the first web assembly browser sandbox is mediated and controlled.

Plain English Translation

A system for securely executing web assembly code in a browser environment addresses the challenge of isolating untrusted code while maintaining performance. The system creates multiple web assembly browser sandboxes, each with its own memory space and execution context, to prevent malicious or faulty code from affecting other sandboxes or the host system. Each sandbox is configured with specific permissions and restrictions to limit access to system resources. The system further includes a mediation layer that intercepts and controls system calls from the sandboxes, ensuring that only authorized operations are permitted. This mediation layer enforces security policies, validates system calls, and may modify or block unauthorized requests. The system also supports inter-sandbox communication through controlled channels, allowing secure data exchange while maintaining isolation. By combining sandboxing with system call mediation, the system provides a secure execution environment for web assembly code, reducing the risk of exploits while maintaining compatibility with existing web applications. The approach is particularly useful for running untrusted third-party scripts or plugins in a browser without compromising system security.
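The heap isolation of claim 18 and the mediated host call of claim 19, shown as an added example with the standard WebAssembly JavaScript API; it is not code from the patent. The module bytes, `spawnTenantActor`, the `host.call` import and the operation codes are hypothetical, constructed for this illustration.

```javascript
// Hand-assembled module, constructed for this example. It imports host.call(op)
// and exports its linear memory "mem", poke(addr, val), peek(addr), request(op).
const WASM_HEX =
  "0061736d01000000" +                   // magic, version 1
  "010b0260027f7f0060017f017f" +         // types: (i32,i32)->() and (i32)->i32
  "020d0104686f73740463616c6c0001" +     // import "host"."call", type 1
  "030403000101" +                       // three functions: poke, peek, request
  "0503010001" +                         // one memory, minimum 1 page (64 KiB)
  "071f04036d656d020004706f6b650001" +   // exports: mem, poke ...
  "047065656b000207726571756573740003" + // ... peek, request
  "0a1a030900200020013602000b" +         // poke: i32.store(addr, val)
  "070020002802000b" +                   // peek: i32.load(addr)
  "0600200010000b";                      // request: call host.call(op)

const MODULE = new WebAssembly.Module(
  Uint8Array.from(WASM_HEX.match(/../g), (h) => parseInt(h, 16)));

// One instance per tenant actor: each gets a fresh linear memory and its own
// mediator closure, so every host call is checked against that tenant's policy.
function spawnTenantActor(tenantId, allowedOps, auditLog) {
  const call = (op) => {
    const allowed = allowedOps.has(op);
    auditLog.push({ tenantId, op, allowed });
    return allowed ? 0 : -1;             // -1 = denied by the mediator
  };
  return new WebAssembly.Instance(MODULE, { host: { call } }).exports;
}

function demo() {
  const audit = [];
  const a = spawnTenantActor("tenant-A", new Set([1, 2]), audit);
  const b = spawnTenantActor("tenant-B", new Set([1]), audit);
  a.poke(64, 0x5ec2e7);                  // write into tenant A's heap only
  let trapped = false;                   // a load past the 64 KiB heap must trap
  try { a.peek(65536); } catch (e) { trapped = e instanceof WebAssembly.RuntimeError; }
  return {
    aSees: a.peek(64), bSees: b.peek(64),
    sameBuffer: a.mem.buffer === b.mem.buffer,
    hostViewOfB: new Uint32Array(b.mem.buffer)[16], // byte offset 64
    trapped, aOp2: a.request(2), bOp2: b.request(2), audit,
  };
}

console.log(demo());
```

Both actors run the same compiled module, yet the write is visible only in tenant A's memory, and operation 2 succeeds for A while B's identical request is denied and recorded in the audit log.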

Claim 20

Original Legal Text

20. The medium of claim 16, wherein control flow integrity for the first web assembly browser sandbox is maintained by separating an execution stack from web assembly module memory.

Plain English Translation

This invention relates to web assembly (WASM) browser sandboxing, specifically addressing security vulnerabilities in executing untrusted WASM code within a browser environment. The problem solved is ensuring control flow integrity (CFI) in WASM sandboxes, where malicious code can exploit memory corruption to hijack execution flow. The solution involves a sandboxed execution environment that isolates the execution stack from the WASM module's memory space. This separation prevents attackers from manipulating the stack to redirect program flow, even if memory corruption occurs. The sandbox enforces strict memory access controls, ensuring that WASM code cannot access or modify the stack directly. Additionally, the system may include mechanisms to validate and enforce control flow transitions, such as checking return addresses or function pointers against a predefined set of valid targets. The sandbox may also support dynamic analysis of WASM code to detect and block suspicious behavior, such as unexpected jumps or indirect calls. By maintaining strict isolation between the execution stack and WASM memory, the system ensures that even if an attacker compromises the WASM module's memory, they cannot alter the program's control flow, significantly reducing the risk of exploitation. This approach enhances security without requiring modifications to the browser's core architecture, making it compatible with existing web applications.

Patent Metadata

Filing Date

September 19, 2019

Publication Date

March 15, 2022

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Multi-tenant actor systems with web assembly” (US-11275827). https://patentable.app/patents/US-11275827